su problems (bob) (Was Re: Taroon-list Digest, Vol 16, Issue 11)

Mailing List

Home

Forum Home

Linux - General Red Hat Linux discussion list

Enterprise Linux 3 - Discussion of Red Hat Enterprise Linux 3 (Taroon)

Installation - Getting started with Red Hat Linux

Red Hat Linux 9 - Discussion of Red Hat Linux 9 (Shrike)

Red Hat Linux 7.3 - Discussion of Red Hat Linux 7.3 (Valhalla)

Red Hat Linux 7.2 - Discussion of Red Hat Linux 7.2 (Enigma)

Apache Web Server

Oracle database, Microsoft SQL server ...

Subjects

•	application/x mplayer2 plugin
•	RPM error: db4 error(16) from dbenv >remove: Device or resource busy
•	Command stream end of file while reading
•	X Windows problem (xauth)
•	Upgrading openoffice 1 1 rpm
•	FTP: connection refused
•	FTP: connection refused
•	mount: /dev/cdrom: is not a valid block device
•	Dell Precision 650, RedHat 9, no sound
•	how to trace the cause resulting in the crash of bind server
•	Virus on the list
•	UNINSTALL RPM MYSQL
•	usb pen drives: mounting as a user
•	broadcom network interface
•	make mrproper
•	sendmail configuration on redhat
•	Couldn 't open PID file /var/run/named/named pid Permission denied
•	Promise 378 controller
•	kernel 2 6 and /dev/sound/mixer not found
•	Problem using up2date
•	mrtg step by step howto/configuration for a newbie?
•	Compiling and Installing Kernel 2 6
•	Can 't locate module ppp0, can 't locate module ppp compress 21
•	HOW I CAN MAKE BOOTABLE FLOPPY DISKET
•	Lotus Notes under Wine
•	/etc/security/limits conf question
•	Intel E/1000 driver
•	Command stream end of file while reading
•	rpm database corrupt
•	qla2300 modules

su problems (bob) (Was Re: Taroon-list Digest, Vol 16, Issue 11)

su problems (bob) (Was Re: Taroon-list Digest, Vol 16, Issue 11)

2005-06-07 - By bob

Back

Reply: 1 2 3 4

With much thanks chmod 4755 /bin/su fixed the problem. Still wondering how
up2date could gain access to root with password, must be a diffrent auth for
up2date if you read below.
ok end of my rant.

Thanks team !!

-bob

-- -- Original Message -- --
From: "Stephen Gardner" <stephen-rhel@(protected)>
To: "Discussion of Red Hat Enterprise Linux 3 (Taroon)"
<taroon-list@(protected)>
Cc: "Koree A. Smith" <koreesmith@(protected)>
Sent: Monday, June 06, 2005 5:53 PM
Subject: Re: su problems (bob) (Was Re: Taroon-list Digest, Vol 16, Issue
11)

>
> On Mon, 6 Jun 2005, bob wrote:
>
>> -rwxr-xr-x 1 root root 47522 Aug 12 2003 /bin/su
>>
>> -bob
>
> All credit to Koree who appears to have hit on the problem. An rpm -V
> coreutils should show the that the mode on /bin/su differs from when it
> was installed (rpm output: .M...... /bin/su ). As root you should
> reset the permission on /bin/su back to the default mode 4755. You
> should re-verify with another rpm -V coreutils. I'd guess that a piece of
> security auditing software (or similar) has been run and has reset the
> setuid bit on /bin/su believing it to be a security vulnerability but in
> this case it is correct.
>
> One important note is that if the initial run of rpm shows anything other
> than .M...... (particularly if it includes a "5") it's worth
> re-installing the coreutils package. However unlikely if /bin/su has
> been tampered with / replaced it would be best to have a fresh copy on the
> system just to be safe seeing as su is very often used in conjunction with
> root privileges.
>
> Regards,
> Stephen
>
>
>> -- -- Original Message -- -- From: "Koree A. Smith"
>> <koreesmith@(protected)>
>> To: <taroon-list@(protected)>
>> Sent: Monday, June 06, 2005 9:57 AM
>> Subject: RE: su problems (bob) (Was Re: Taroon-list Digest, Vol 16, Issue
>> 11)
>>
>>
>>> What are the permissions on su currently?
>>>
>>> --
>>> Koree A. Smith
>>> --
>>> koreesmith@(protected)
>>>
>>> >
>>> > Message: 1
>>> > Date: Sun, 5 Jun 2005 10:55:51 -0500
>>> > From: "bob" <sdcbob@(protected)>
>>> > Subject: RE: su problems
>>> > To: "Discussion of Red Hat Enterprise Linux 3 $Taroon$"
>>> > <taroon-list@(protected)>
>>> > Message-ID: <006001c569e7$0cb186d0$3201a8c0@(protected)>
>>> > Content-Type: text/plain; charset="iso-8859-1"
>>> >
>>> > Hello, after the recent kernel update to my box via up2date some odd
>>> > things are going on with su.
>>> >
>>> > output---
>>> >
>>> > $ up2date
>>> > You are attempting to run "up2date" which requires administrative
>>> > privileges, but more information is needed in order to do so.
>>> > Password for root:
>>> > Please specify either -l, -u, --nox, or package names as command line
>>> > arguments.
>>> > usage: up2date [OPTIONS] [<packages>]
>>> >
>>> >
>>> > Same account,
>>> >
>>> >
>>> > Red Hat Enterprise Linux ES release 3 (Taroon Update 4)
>>> >
>>> > $ su -
>>> > Password:
>>> > su: incorrect password
>>> > $ id
>>> > uid=2525(bob) gid=2525(bob) groups=2525(bob),10(wheel)
>>> >
>>> >
>>> > same with su root , open for suggestions. hope this is the correct
>>> > list to send this too =)
>>> >
>>> >
>>> > -bob
>>> > -- ---- ------ next part -- ---- ------
>>> > An HTML attachment was scrubbed...
>>> > URL:
>>> > https://www.redhat.com/archives/taroon-list/attachments/20050605/0a65185d
/attachment.htm
>>> >
>>> > -- ---- ---- ---- ---- ---- --
>>> >
>>> > --
>>> > Taroon-list mailing list
>>> > Taroon-list@(protected)
>>> > http://www.redhat.com/mailman/listinfo/taroon-list
>>> >
>>> > End of Taroon-list Digest, Vol 16, Issue 11
>>> > *******************************************
>>> >
>>>
>>> --
>>> Taroon-list mailing list
>>> Taroon-list@(protected)
>>> http://www.redhat.com/mailman/listinfo/taroon-list
>>
>> --
>> Taroon-list mailing list
>> Taroon-list@(protected)
>> http://www.redhat.com/mailman/listinfo/taroon-list
>>
>>
>
> --
> Taroon-list mailing list
> Taroon-list@(protected)
> http://www.redhat.com/mailman/listinfo/taroon-list

--
Taroon-list mailing list
Taroon-list@(protected)
http://www.redhat.com/mailman/listinfo/taroon-list

Earn $52 per hosting referral at Lunarpages.